summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog6
-rw-r--r--sftp-int.c49
2 files changed, 38 insertions, 17 deletions
diff --git a/ChangeLog b/ChangeLog
index f645e683e..c2bb7bc32 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -15,6 +15,10 @@
15 - deraadt@cvs.openbsd.org 2003/07/18 01:54:25 15 - deraadt@cvs.openbsd.org 2003/07/18 01:54:25
16 [scp.c] 16 [scp.c]
17 userid is unsigned, but well, force it anyways; andrushock@korovino.net 17 userid is unsigned, but well, force it anyways; andrushock@korovino.net
18 - djm@cvs.openbsd.org 2003/07/19 00:45:53
19 [sftp-int.c]
20 fix sftp filename parsing for arguments with escaped quotes. bz #517;
21 ok markus
18 22
1920030714 2320030714
20 - (dtucker) [acconfig.h configure.ac port-aix.c] Older AIXes don't declare 24 - (dtucker) [acconfig.h configure.ac port-aix.c] Older AIXes don't declare
@@ -711,4 +715,4 @@
711 - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. 715 - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo.
712 Report from murple@murple.net, diagnosis from dtucker@zip.com.au 716 Report from murple@murple.net, diagnosis from dtucker@zip.com.au
713 717
714$Id: ChangeLog,v 1.2861 2003/07/19 10:07:45 dtucker Exp $ 718$Id: ChangeLog,v 1.2862 2003/07/19 10:09:21 dtucker Exp $
diff --git a/sftp-int.c b/sftp-int.c
index f2d3f9468..73653b7e0 100644
--- a/sftp-int.c
+++ b/sftp-int.c
@@ -25,7 +25,7 @@
25/* XXX: recursive operations */ 25/* XXX: recursive operations */
26 26
27#include "includes.h" 27#include "includes.h"
28RCSID("$OpenBSD: sftp-int.c,v 1.60 2003/05/15 03:43:59 mouring Exp $"); 28RCSID("$OpenBSD: sftp-int.c,v 1.61 2003/07/19 00:45:53 djm Exp $");
29 29
30#include "buffer.h" 30#include "buffer.h"
31#include "xmalloc.h" 31#include "xmalloc.h"
@@ -332,7 +332,7 @@ get_pathname(const char **cpp, char **path)
332{ 332{
333 const char *cp = *cpp, *end; 333 const char *cp = *cpp, *end;
334 char quot; 334 char quot;
335 int i; 335 int i, j;
336 336
337 cp += strspn(cp, WHITESPACE); 337 cp += strspn(cp, WHITESPACE);
338 if (!*cp) { 338 if (!*cp) {
@@ -341,37 +341,54 @@ get_pathname(const char **cpp, char **path)
341 return (0); 341 return (0);
342 } 342 }
343 343
344 *path = xmalloc(strlen(cp) + 1);
345
344 /* Check for quoted filenames */ 346 /* Check for quoted filenames */
345 if (*cp == '\"' || *cp == '\'') { 347 if (*cp == '\"' || *cp == '\'') {
346 quot = *cp++; 348 quot = *cp++;
347 349
348 end = strchr(cp, quot); 350 /* Search for terminating quote, unescape some chars */
349 if (end == NULL) { 351 for (i = j = 0; i <= strlen(cp); i++) {
350 error("Unterminated quote"); 352 if (cp[i] == quot) { /* Found quote */
351 goto fail; 353 (*path)[j] = '\0';
354 break;
355 }
356 if (cp[i] == '\0') { /* End of string */
357 error("Unterminated quote");
358 goto fail;
359 }
360 if (cp[i] == '\\') { /* Escaped characters */
361 i++;
362 if (cp[i] != '\'' && cp[i] != '\"' &&
363 cp[i] != '\\') {
364 error("Bad escaped character '\%c'",
365 cp[i]);
366 goto fail;
367 }
368 }
369 (*path)[j++] = cp[i];
352 } 370 }
353 if (cp == end) { 371
372 if (j == 0) {
354 error("Empty quotes"); 373 error("Empty quotes");
355 goto fail; 374 goto fail;
356 } 375 }
357 *cpp = end + 1 + strspn(end + 1, WHITESPACE); 376 *cpp = cp + i + strspn(cp + i, WHITESPACE);
358 } else { 377 } else {
359 /* Read to end of filename */ 378 /* Read to end of filename */
360 end = strpbrk(cp, WHITESPACE); 379 end = strpbrk(cp, WHITESPACE);
361 if (end == NULL) 380 if (end == NULL)
362 end = strchr(cp, '\0'); 381 end = strchr(cp, '\0');
363 *cpp = end + strspn(end, WHITESPACE); 382 *cpp = end + strspn(end, WHITESPACE);
364 }
365
366 i = end - cp;
367 383
368 *path = xmalloc(i + 1); 384 memcpy(*path, cp, end - cp);
369 memcpy(*path, cp, i); 385 (*path)[end - cp] = '\0';
370 (*path)[i] = '\0'; 386 }
371 return(0); 387 return (0);
372 388
373 fail: 389 fail:
374 *path = NULL; 390 xfree(*path);
391 *path = NULL;
375 return (-1); 392 return (-1);
376} 393}
377 394